Securing Controller Area Networks in Vehicles Via Packet Switched Network Segregation

Eddie K. Caberto


As automobiles become increasingly connected via multiple wireless capabilities, the lack of security has become a substantial vulnerability. This growth in functionality and convenience has also increased access to a vehicles Controller Area Network (CAN). CAN, the primary intra-vehicle network, allows time-sensitive communication between electronic control units (ECUs) that control one or many in-vehicle systems. Although CAN has proven very effective in data transfer, it was not designed for security. While some steps could be taken to add security layers and features to the existing CAN protocol, introducing security inevitably adds cost, data latency, and potentially reduces data throughput. There is a growing need to secure CAN networks without completely changing the protocol. To improve the security within an automobile without an overhaul to the popular CAN protocol, this research developed the Secure CAN Architecture to provide security primitives at the data link layer. When combined with existing network security techniques, it introduces a number of possible security features. A flexible architecture such as this one provides vehicle manufacturers with an option to securely architect their CAN networks in current and future vehicle designs mitigating specific current, and possibly future, risks on an automotive CAN network. These methods apply to other applications with similar communication protocols.